General

Summary

A vulnerability was found in Microsoft Internet Explorer 9.x. It has been classified as problematic. Affected is an unknown function of the component IFRAME Rendering. The manipulation with an unknown input leads to a privilege escalation vulnerability. This is going to have an impact on confidentiality, and integrity.

The issue has been introduced in 03/16/2010. The weakness was presented 08/09/2011 by Rosario Valotta (Full-Disclosure). The advisory is shared for download at archives.neohapsis.com. This vulnerability is traded as CVE-2011-2383 since 06/03/2011. It is possible to launch the attack remotely. The exploitation doesn’t require any form of authentication. The technical details are unknown and an exploit is not available.

The vulnerability was handled as a non-public zero-day exploit for at least 444 days. The vulnerability scanner Nessus provides a plugin with the ID 802203 (Microsoft Internet Explorer Cookie Hijacking Vulnerability), which helps to determine the existence of the flaw in a target environment. It is assigned to the family General. The commercial vulnerability scanner Qualys is able to test this issue with plugin 100100.

Upgrading eliminates this vulnerability. Applying the patch MS11-057 is able to eliminate this problem. The bugfix is ready for download at microsoft.com. The best possible mitigation is suggested to be upgrading to the latest version. The vulnerability is also documented in the databases at SecurityFocus (BID 47989), X-Force (68823), Secunia (SA45565) and VulnerabilityCenter (SBV-31723). The entries 2069, 4383, 57580 and 58235 are pretty similar.